CVE-2005-1842

Adobe Version Cue <1.3 - Local Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1842. PoCs published by vade79.

AI-analyzed exploit summary This exploit leverages a symlink attack on Adobe Version Cue's VCNative program to overwrite /etc/crontab, which then modifies /etc/sudoers to grant root access via sudo. It requires cron and sudo to be present on the system.

Description

VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack.

Exploits (1)

exploitdb WORKING POC VERIFIED

by vade79 · perllocalosx

https://www.exploit-db.com/exploits/1185

View Code ZIP pw:eip

This exploit leverages a symlink attack on Adobe Version Cue's VCNative program to overwrite /etc/crontab, which then modifies /etc/sudoers to grant root access via sudo. It requires cron and sudo to be present on the system.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Adobe Version Cue (VCNative) on macOS

No auth needed

Prerequisites: Adobe Version Cue installed · cron running · sudo installed

MITRE ATT&CK